logangoins/Stifle external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

logangoins/Stifle

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/logangoins/Stifle)

Close

logangoins / StifleView on GitHubMore

• External links
• Readme badge

.NET Post-Exploitation Utility for Abusing Strong Explicit Certificate Mappings in ADCS

☆150Feb 10, 2025Updated last year

Alternatives and similar repositories for Stifle

Users that are interested in Stifle are comparing it to the libraries listed below

• decoder-it / KrbRelay-SMBServer

  View on GitHub
  ☆234Oct 8, 2024Updated last year
• deepinstinct / DCOMUploadExec

  View on GitHub
  DCOM Lateral movement POC abusing the IMsiServer interface - uploads and executes a payload remotely
  ☆384Dec 13, 2024Updated last year
• xforcered / ForsHops

  View on GitHub
  ForsHops
  ☆152Mar 25, 2025Updated 11 months ago
• nettitude / TokenCert

  View on GitHub
  TokenCert
  ☆102Nov 15, 2024Updated last year
• Thunter-HackTeam / EvilentCoerce

  View on GitHub
  ☆164May 5, 2025Updated 10 months ago
• ricardojoserf / TrickDump

  View on GitHub
  Dump lsass using only NTAPI functions creating 3 JSON and 1 ZIP file... and generate the MiniDump file later!
  ☆541May 9, 2025Updated 10 months ago
• logangoins / Cable

  View on GitHub
  .NET post-exploitation toolkit for Active Directory reconnaissance and exploitation
  ☆398Jul 23, 2025Updated 7 months ago
• decoder-it / KrbRelayEx-RPC

  View on GitHub
  ☆198Mar 28, 2025Updated 11 months ago
• EspressoCake / ADIDNS_Parser

  View on GitHub
  Parser and reconciliation tooling for large Active Directory environments.
  ☆33Feb 18, 2025Updated last year
• trustedsec / DitExplorer

  View on GitHub
  Tool for viewing NTDS.dit
  ☆197Mar 14, 2025Updated last year
• Kryp7os / SharpRBCD

  View on GitHub
  An executable that simplifies adding the msds-AllowedToActOnBehalfOfOtherIdentity attribute for RBCD
  ☆49Mar 10, 2025Updated last year
• CCob / DRSAT

  View on GitHub
  Disconnected RSAT - A method of running Group Policy Manager, Certificate Authority and Certificate Templates MMC snap-ins from non-domai…
  ☆276Dec 27, 2024Updated last year
• klezVirus / RAIWhateverTrigger

  View on GitHub
  Local SYSTEM auth trigger for relaying - X
  ☆154Jul 23, 2025Updated 7 months ago
• decoder-it / ChgPass

  View on GitHub
  ☆136Feb 11, 2025Updated last year
• xforcered / Being-A-Good-CLR-Host

  View on GitHub
  ☆139Jan 16, 2025Updated last year
• deh00ni / NtDumpBOF

  View on GitHub
  ☆100Sep 1, 2024Updated last year
• Offensive-Panda / LsassReflectDumping

  View on GitHub
  This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…
  ☆216Oct 19, 2024Updated last year
• logangoins / Krueger

  View on GitHub
  Proof of Concept (PoC) .NET tool for remotely killing EDR with WDAC
  ☆424Sep 29, 2025Updated 5 months ago
• EricEsquivel / Inline-EA

  View on GitHub
  Cobalt Strike BOF for evasive .NET assembly execution
  ☆309Mar 31, 2025Updated 11 months ago
• boku7 / StringReaper

  View on GitHub
  Reaping treasures from strings in remote processes memory
  ☆285Feb 8, 2025Updated last year
• SpecterOps / cred1py

  View on GitHub
  A Python POC for CRED1 over SOCKS5
  ☆165Oct 5, 2024Updated last year
• CICADA8-Research / RemoteKrbRelay

  View on GitHub
  Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework
  ☆640May 8, 2025Updated 10 months ago
• boku7 / patchwerk

  View on GitHub
  BOF that finds all the Nt* system call stubs within NTDLL and overwrites with clean syscall stubs (user land hook evasion)
  ☆195Feb 6, 2025Updated last year
• kozmer / aad-bofs

  View on GitHub
  ☆139Nov 17, 2025Updated 4 months ago
• sokaRepo / CoercedPotatoRDLL

  View on GitHub
  Reflective DLL to privesc from NT Service to SYSTEM using SeImpersonateToken privilege
  ☆225Nov 23, 2023Updated 2 years ago
• garrettfoster13 / ldap_bofs

  View on GitHub
  Random BOFs for LDAP tradecraft
  ☆74Sep 9, 2025Updated 6 months ago
• grayhatkiller / SharpExShell

  View on GitHub
  SharpExShell automates the DCOM lateral movment technique which abuses ActivateMicrosoftApp method of Excel application.
  ☆75May 1, 2024Updated last year
• JanielDary / ImmoralFiber

  View on GitHub
  Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…
  ☆283Sep 18, 2024Updated last year
• ricardojoserf / NativeDump

  View on GitHub
  Dump lsass using only NTAPI functions by hand-crafting Minidump files (without MiniDumpWriteDump!!!)
  ☆701May 7, 2025Updated 10 months ago
• Octoberfest7 / Enumprotections_BOF

  View on GitHub
  A BOF to enumerate system process, their protection levels, and more.
  ☆125Nov 27, 2024Updated last year
• Tylous / FaceDancer

  View on GitHub
  FaceDancer is an exploitation tool aimed at creating hijackable, proxy-based DLLs by taking advantage of COM-based system DLL image loadi…
  ☆407Sep 26, 2024Updated last year
• sud0Ru / NauthNRPC

  View on GitHub
  Enumerate Domain Users Without Authentication
  ☆282Apr 22, 2025Updated 11 months ago
• ricardojoserf / NativeBypassCredGuard

  View on GitHub
  Bypass Credential Guard by patching WDigest.dll using only NTAPI functions
  ☆268Apr 8, 2025Updated 11 months ago
• Paradoxis / ADSyncDump-BOF

  View on GitHub
  The ADSyncDump BOF is a port of Dirk-Jan Mollema's adconnectdump.py / ADSyncDecrypt into a Beacon Object File (BOF) with zero dependencie…
  ☆174Sep 3, 2025Updated 6 months ago
• xforcered / SoaPy

  View on GitHub
  SoaPy is a Proof of Concept (PoC) tool for conducting offensive interaction with Active Directory Web Services (ADWS) from Linux hosts.
  ☆261Feb 21, 2025Updated last year
• badsectorlabs / sccm-http-looter

  View on GitHub
  Find interesting files stored on (System Center) Configuration Manager (SCCM/CM) shares via HTTP(s)
  ☆211Sep 30, 2024Updated last year
• CrowdStrike / sccmhound

  View on GitHub
  A BloodHound collector for Microsoft Configuration Manager
  ☆393Jul 7, 2025Updated 8 months ago
• ZephrFish / QoL-BOFs

  View on GitHub
  Curated list of public Beacon Object Files(BOFs) build in as submodules for easy cloning
  ☆137Dec 7, 2025Updated 3 months ago
• Friends-Security / SharpExclusionFinder

  View on GitHub
  Tool designed to find folder exclusions using Windows Defender using command line utility MpCmdRun.exe as a low privileged user, without …
  ☆230Oct 6, 2024Updated last year